Beware — These Ransomware Hackers Are Watching You Work
Ransomware attackers can now watch what you are doing.
The ransomware threat is evolving, and attackers are continually seeking new angles and technologies to exploit, to aid with leveraging payments in these modern-day extortion schemes. Some are hard to fathom, like the DOGE-trolling hackers demanding $1 trillion, exploiting zero-day vulnerabilities in Windows, and the increasingly common use of 2FA bypass attacks and access to 19 billion compromised passwords on the dark web. But what if ransomware hackers were using employee monitoring software to see what you are up to during the attack and to steal your credentials as well? Welcome to the sinister world of Qilin and Hunters International ransomware.
While the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have recently issued a security alert about the dangers that unsophisticated threat actors pose to U.S. critical infrastructure services, that doesn't mean all ransomware hackers are using the kind of basic and elementary intrusion techniques described in the CISA advisory. Take the Qilin and Hunters International ransomware threat, whose affiliates have been observed using a legitimate employee monitoring tool during their attacks.
The ransomware attacks in question started with malicious Google Ads deployed by the threat actors. These were designed to display 'when people searched for RVTools, a free Windows utility for managing VMware vSphere deployments,' Sergiu Gatlan at Bleeping Computer, said. If the would-be victim clicked through that advert then it started a waterfall of nefarious events leading to the download and installation of something called Kickidler.
Here's the thing: Kickidler is not malware. In fact, it's a perfectly legitimate employee monitoring tool that's deployed by more than 5,000 organizations across the world. The key point of interest is that it provides a visual monitoring capability. Once installed, the ransomware hackers can literally see what you are doing.
Varonis threat research investigators have suggested that the ransomware attackers have used the software in order to have undetected access to target systems for weeks at a time, enabling the collection of the credentials required to gain access to critical off-site cloud data backups. It is recommended, therefore, that network defenders ensure the effective and regular auditing of any installed remote monitoring and management software.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Entrepreneur
an hour ago
- Entrepreneur
Bessemer Appoints Pankaj Mitra as Partner to Lead India Investments in AI, Enterprise Tech
The tech industry veteran brings over 25 years of experience to Bessemer, where he will focus on AI, enterprise-tech and cybersecurity investments in India. You're reading Entrepreneur India, an international franchise of Entrepreneur Media. Global venture capital firm Bessemer Venture Partners has announced the appointment of tech industry veteran Pankaj Mitra as a Partner in its India practice, underscoring its continued commitment to backing the next generation of technology leaders in the region. Mitra will focus primarily on enterprise tech, artificial intelligence (AI), and cybersecurity. Mitra brings over 25 years of industry experience to Bessemer, having previously led investments and M&A efforts at Cisco's corporate development team, particularly for its global Customer Experiences portfolio and Indian operations. His impressive investment track record includes stakes in companies such as Fiddler (AI observability), Uniphore (contact center AI), and Whatfix (digital adoption). "I am thrilled to join Bessemer at this pivotal time," said Mitra. "The ongoing AI platform shift offers a once-in-a-generation opportunity for builders to usher in the next wave of tech evolution across industries. With its stellar track record, Bessemer is poised to partner with this new generation of ambitious, world-class founders in India addressing pain points domestically and globally, and I'm excited to be part of this journey." Prior to Cisco, Mitra was part of Infosys's USD 500 million innovation fund, where he invested in firms like Ideaforge and Whoop. His early career includes roles at VMware, where he helped launch its first cloud services, and at Deloitte as a management consultant. Mitra holds a degree from IIT Kharagpur and an MBA from the UC Berkeley Haas School of Business. Vishal Gupta, Partner at Bessemer, said, "We are delighted to welcome Pankaj to the Bessemer family. He brings a breadth of experience which is a unique blend of investing prowess as well as deep industry knowledge. This will be invaluable as we look to deepen our commitments in AI, enterprise-tech, and cybersecurity in India." Bessemer Venture Partners, with over USD 18 billion in assets under management, has backed iconic global companies including LinkedIn, Shopify, Twilio, DocuSign, and Toast. In India, the firm has been active for over two decades, with past and current investments in Swiggy, Urban Company, Boldfit, Easebuzz, and others. In March 2025, Bessemer announced its second India-focused fund of USD 350 million, targeting areas such as AI, fintech, enterprise-tech, digital health, and cybersecurity—sectors directly aligned with Mitra's expertise.
Forbes
an hour ago
- Forbes
Logitech Is Born To Be Wired With New Signature Slim Wired Combo Keyboard And Mouse
With more people returning to the workplace for at least part of the week, some companies are looking to refresh their IT systems. Instead of replacing entire computers that haven't been used a great deal, some companies are investing in new mice, keyboards and screens to give things a facelift. Logitech has announced the launch of its Signature Slim Wired MK620 and MK625 Combo for Business. Consisting of a revamped keyboard and mouse package, the Combo is designed for companies and industries that prefer to use wired peripherals for reasons of reliability and physical security in shared workspaces. The keyboard and mouse combo can easily switch between Windows PCs, macOS and ChromeOS devices, making the setup suitable for people working in shared spaces with desktop computers or where people bring their laptop but need an external screen, keyboard and mouse. Launching a wired mouse and keyboard may seem a little counterintuitive in this age of wireless peripherals, but there is plenty of logic behind Logitech's position. Indeed, many workplaces have compelling reasons not to use wireless devices and don't want to cut the cord. For example, on financial trading floors, the physical security of devices is vital and the keyboard must be instantly responsive. In medical settings, something like a flat battery in a wireless keyboard or mouse can hinder the input of test results, especially in critical situations. Meanwhile, in schools, colleges and shared workspaces, wired keyboards tend to be stolen far less often. 'Workers in these industries deserve the same modern experience typically seen in wireless tech,' says Henry Levak, VP of Product, Logitech for Business. 'Signature Slim Wired Combo MK620 rewrites the old-school perception of wired devices. It's the end of wired as we know it; time to introduce upgraded performance and customization in a wired model designed for the critical needs of government, banking, healthcare, and shared public spaces.' This latest addition to Logitech's Signature Slim family includes the Signature Slim Wired MK620 for Business keyboard that offers a similar feel to a laptop-style keyboard that many people are used to using. The keyboard has a dedicated AI Launch Key with instant access to Microsoft's Copilot for Windows or Gemini for ChromeOS. The keyboard can also be customized to launch other AI tools such as ChatGPT and Perplexity. For users of meeting software like Microsoft Teams, Google Meet and Zoom, the new keyboard has shortcuts that can be configured using the Logi Tune software for creating handy actions like muting a microphone, turning off a webcam or sharing a screen with a single keystroke. The new keyboard comes with the Signature Wired M520 or M520 L for Business mouse. The ambidextrous rodent can be used by left-handed and right-handed people, plus it has an adjustable cursor speed. With a flick of the mouse's SmartWheel, users can activate super-fast scrolling that can race through lengthy web pages or large spreadsheets. Alternatively, users can scroll documents line-by-line with Silent Touch technology that reduces 90% of the mouse's clicking noises. While employees might not appreciate coming back to the office, finding a brand-new and up-to-date keyboard and mouse could ease the pain a little. Logitech thinks IT teams will also appreciate how easy it is to deploy en masse. The Signature Slim Wired Combo MK620 has a switch for IT and employees to easily toggle between Windows, MacOS, and ChromeOS. IT departments can plug the keyboard and mouse into USB-C ports and then choose the operating system they want and deploy multiple devices across the company. The status of the mouse and keyboard can be checked with Logitech's Sync portal and tap into global support when needed. Because wired devices don't require any batteries or recharging, less maintenance is required. This makes connectivity more reliable and there's also less risk of the devices being stolen. The upshot is fewer support calls and help desk tickets. As a company originating in Switzerland, Logitech is hot on sustainability and the Signature Slim Wired Combo MK620 is no exception. Both devices are made with plastic parts containing a minimum of 66% post-consumer recycled material and they are shipped in paper packaging from FSC-certified forests and other controlled sources. The keyboard plate is made with low-carbon aluminum and the MK620 combo improves power efficiency by consuming 49% less energy on the keyboard and 50% less on the mouse than its predecessor, the MK120 wired combo. The Logitech Signature Slim Wired Combo MK620 & MK625 for Business will be available globally from June 27 and priced at $69.99. The K620 keyboard is available separately for $49.99, while the M520 and M520 L mice sell for $24.99. All products are available from and through authorized resellers.
Android Authority
an hour ago
- Android Authority
The Google Pixel 10 series isn't launching on August 13, after all
TL;DR The Google Pixel 10 series launch date has reportedly been delayed by a week from August 13 to August 20. News of the delay comes via the same outlet that originally reported an August 13 reveal date. The phones will apparently ship and be available in-store on August 28. The Google Pixel 10 series is widely expected to arrive later this year, and a report earlier this week pointed to an August 13 reveal date. It now sounds like we should expect a slightly delayed launch, though. Android Headlines reported earlier this week that the Pixel 10 series would be revealed on August 13. However, the outlet's sources have now claimed that the event will take place on August 20. 'Our sources immediately contacted us after publication to say that it had been moved back a week to August 20,' the website explained, adding that it then contacted more sources who confirmed the new launch date. The website explained that pre-orders would also kick off on August 20, while devices would ship and be available in-store on August 28. This revised launch date would be a week later than the Pixel 9 family's launch date (August 13). Nevertheless, it certainly sounds like August is a lock for the new phones. Got a tip? Talk to us! Email our staff at Email our staff at news@ . You can stay anonymous or get credit for the info, it's your choice.
